package cn.wolfcode.rbac.web.controller;

import org.springframework.stereotype.Controller;

@Controller
public class LoginController {

   /* @Autowired
    private IEmployeeService employeeService;

    @Autowired
    private IPermissionService permissionService;
    
    @RequestMapping("/login")
    @ResponseBody
    public JsonResult login(String username,String password,HttpSession session){

        try {
            Employee employee = employeeService.login(username, password);
            // 登录成功，把登录用户放到 session 中，提供后期登录校验
            // 把登录用户存放到 session 中
            // session.setAttribute("EMPLOYEE_IN_SESSION",employee);
            UserContext.setCurrentUser(employee);

            //  如果不是超管，就把用户的权限数据存在 session中
            if(!employee.isAdmin()) {
                List<String> permissions = permissionService.selectByEmId(employee.getId());
               // session.setAttribute("PERMISSIONS_IN_SESSION", permissions);
                UserContext.setCurrentPermissions(permissions);
            }

            return new JsonResult();   // JsonResult类要加 无参构造器才能用
        } catch (Exception e) {
            e.printStackTrace();
            return new JsonResult(false,"账号和密码错误");
        }

    }

    @RequestMapping("/logout")
    public String logout(){
        UserContext.getSession().invalidate();  // 销毁 session (验证：注销后，进员工列表看看，进不去说明清除 session)
        return "redirect:/login.html";
    }
*/
   /* // 不使用 UserContext 工具类
    public String logout(HttpSession session){
        session.invalidate();  // 销毁 session
        return "redirect:/login.html"
    }*/

}
